Target hack not possible without some old-school theft

The massive hack that hit Target in the weeks before Christmas 2013 wouldn’t have been possible without someone actually stealing the credentials of a vendor, Reuters revealed. “The ongoing forensic investigation has indicated that the intruder stole a vendor’s credentials, which were used to access our system,” Target spokeswoman Molly Snyder said, without revealing what was taken.

Meanwhile, Attorney General Eric Holder on Wednesday confirmed that federal authorities are investigating the data breach at Target, without offering specific details regarding the course of the investigation, USA Today reports.

“The Department of Justice takes seriously reports of any data breach, particularly those involving personally identifiable or financial information, and looks into allegations that are brought to its attention,” Holder told the Senate Judiciary Committee. “While we generally do not discuss specific matters under investigation, I can confirm the department is investigating the breach involving the U.S. retailer, Target. And we are committed to working to find not only the perpetrators of these sorts of data breaches – but also any individuals and groups who exploit that data via credit card fraud.”